CVE-2026-9398 | Besen BS20 EV Charging Station up to 20260426 BLE/WiFi authentication replay

A vulnerability was found in Besen BS20 EV Charging Station up to 20260426. It has been declared as problematic. This affects an unknown part of the component BLE/WiFi. Such manipulation leads to authentication bypass by capture-replay.

This vulnerability is listed as CVE-2026-9398. The attack must be carried out from within the local network. In addition, an exploit is available.

The original disclosure mentions, that “[t]hese vulnerabilities have been reported to Besen and we have received their acknowlegement that they are reviewing this as of April 2026.”

CVE-2026-9398 | Besen BS20 EV Charging Station up to 20260426 BLE/WiFi authentication replay

Post correlati

CVE-2024-48024 | Fahad Mahmood Keep Backup Daily Plugin up to 2.0.7 on WordPress exposure of sensitive system information to an unauthorized control sphere

CVE-2025-15574 | SolaX Power Pocket WiFi 4.0 prior 3.022.03 Registration random values

CVE-2025-69426 | RUCKUS vRIoT IOT Controller up to 2.x SSH Service permission assignment

CVE-2023-37188 | C-Blosc2 up to 2.9.2 zfp/blosc2-zfp.c zfp_rate_decompress null pointer dereference (Issue 521)